<?php
// Role ID Reminder
// ----------------
// 1 - Anonymous
// 2 - Banned
// 3 - Developer
// 4 - Management
// 5 - Registered
// >5 - Custom Roles

#### GET ROLES ARRAY ###########################################################
// Returns an array of roles for a specific user
function get_roles_array($user_id = FALSE) {
	$base =& Base::getInstance();

	// Define roles array
	$roles = array();
	// If no user ID was supplied try to use a session user ID
	if ($user_id == FALSE) $user_id = ($base->sessvar['login']['user_id'] > 0 ? $base->sessvar['login']['user_id'] : FALSE);

	// If the user is anonymous return 1
	if ($user_id == FALSE) { array_push($roles, 1); return $roles; }

	if (!isset($base->sessvar['queries']['users2roles'])) {
		$base->db->select($base->db->table['users2roles']);
		$base->db->where('user_id = "'.$user_id.'"');
		$base->db->query() or sql_error(__FILE__, __LINE__);
		$base->sessvar['queries']['users2roles'] = serialize($base->db->result());
	}

	foreach (unserialize($base->sessvar['queries']['users2roles']) as $result) {
		$roles[] = $result['role_id'];
	}

	// Add Registered role
	if ($user_id) { array_push($roles, 5); return $roles; }

	// Anonymous
	else array(1);
}

#### ALLOWED ###################################################################
// Used to check if a user has access to something using the "and Above" "and Below" system
function allowed($role_id, $user_id = FALSE) {
	$base =& Base::getInstance();

	// Get roles from database
	if (!isset($base->sessvar['queries']['roles'])) {
		$base->db->select($base->db->table['roles']);
		$base->db->order('position', 'DESC');
		$base->db->query() or sql_error(__FILE__, __LINE__);
		$base->sessvar['queries']['roles'] = serialize($base->db->result());
	}
	foreach (unserialize($base->sessvar['queries']['roles']) as $result) {
		$roles[$result['role_id']] = $result['position'];
	}

	// Who's role ID's are we looking at? A specifed user or the current logged in user?
	if ($user_id) $user_role_ids = get_roles_array($user_id);
	else $user_role_ids = get_roles_array();

	// Check each role the user belongs to
	$allowed = FALSE;
	foreach ($user_role_ids as $user_role_id) {
		if ($roles[$user_role_id] == $roles[substr($role_id, 0, 1)]) $allowed = TRUE;
		else if (strstr($role_id, '+')) {
			if ($roles[$user_role_id] >= $roles[substr($role_id, 0, 1)]) $allowed = TRUE;
		}
		else if (strstr($role_id, '-')) {
			if ($roles[$user_role_id] <= $roles[substr($role_id, 0, 1)]) $allowed =  TRUE;
		}
	}

	return $allowed;
}

#### PERMISSION ################################################################
// Deals solely with permissions found in the permissions table
function permission($for) {
	$base =& Base::getInstance();

	if (!isset($base->sessvar['queries']['permissions'])) {
		$base->db->select($base->db->table['permissions']);
		$base->db->query() or sql_error(__FILE__, __LINE__);
		$base->sessvar['queries']['permissions'] = serialize($base->db->result());
	}

	foreach (unserialize($base->sessvar['queries']['permissions']) as $permission) {
		// Return TRUE if we have permission
		if ($permission['name'] == $for && allowed($permission['role_id'])) return TRUE;
	}

	// Failing that...
	return FALSE;
}

#### GET ALLOWED TO ############################################################
// Return to which role something is visible to
function get_allowed_to($visible_to) {
	$base =& Base::getInstance();
	$records = NULL;

	if (strstr($visible_to, '+')) {
		$visible_to = str_replace('+', '', $visible_to);
		$type = ' and Above';
	}
	else if (strstr($visible_to, '-')) {
		$visible_to = str_replace('-', '', $visible_to);
		$type = ' and Below';
	}
	else $type = ' Only';

	if (!isset($base->sessvar['queries']['roles'])) {
		$base->db->select($base->db->table['roles']);
		$base->db->order('position', 'DESC');
		$base->db->query() or sql_error(__FILE__, __LINE__);
		$base->sessvar['queries']['roles'] = serialize($base->db->result());
	}

	foreach (unserialize($base->sessvar['queries']['roles']) as $role) {
		// Return TRUE if we have permission
		if ($role['role_id'] == $visible_to) return $role['name'].$type;
	}

}
?>